2022.10.08 보안 이슈

==2022.10.08==

- PHP 생태계를 위협하는 또 다른 공급망 공격의 가능성 

http://www.boannews.com/media/view.asp?idx=110436&kind=&sub_kind=

- 콜택시 마비시킨 랜섬웨어 '매스스캔' 피해 사례 급증 

https://www.etnews.com/20221006000222

- LilithBot Malware, a new MaaS offered by the Eternity Group 

https://securityaffairs.co/wordpress/136764/breaking-news/lilithbot-malware-eternity-group.html

- GlobeImposter 국내 유포... 2분기 MY-SQL 타깃 랜섬웨어 중 절반 차지

https://www.boannews.com/media/view.asp?idx=110479&kind=1&sub_kind=

- MS 익스체인지 서버의 또 다른 제로데이 취약점 프록시낫셸

https://www.boannews.com/media/view.asp?idx=110522&kind=1&sub_kind=

- “MS가 내놓은 새 익스체인지 서버 취약점 완화 조치, 우회 가능해” 

https://www.ciokorea.com/news/258202

- LofyGang Group Linked to Recent Software Supply Chain Attacks

https://www.infosecurity-magazine.com/news/lofygang-software-supply-chain/

- Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy

https://thehackernews.com/2022/10/fortinet-warns-of-new-auth-bypass-flaw.html

- Binance Hacker steals $566m from Binance Bridge using proof-forgery exploit

https://www.techcentral.ie/hacker-steals-566m-from-binance-bridge-using-proof-forgery-exploit/

- 메신저 피싱 피해액 1,200억원 넘어...50·60대 집중 타깃

https://www.dailysecu.com/news/articleView.html?idxno=140203

- 새 백도어 매기, 마이크로소프트 SQL 서버들 노리고 있어

https://www.boannews.com/media/view.asp?idx=110500&kind=1&sub_kind=

- 록빗 3.0 랜섬웨어, 국내 대기업 S사 공격... 탈취 자료 공개 (삼양)

https://www.boannews.com/media/view.asp?idx=110494&kind=1&sub_kind=

- US govt shares top flaws exploited by Chinese hackers since 2020

https://www.bleepingcomputer.com/news/security/us-govt-shares-top-flaws-exploited-by-chinese-hackers-since-2020/

- 19-Year-Old Teen Arrested for Using Leaked Optus Breach Data in SMS Scam

https://thehackernews.com/2022/10/19-year-old-hacker-arrested-for-using.html

- 라자루스 그룹 DLL Side-Loading 기법 이용 (mi.dll)

https://asec.ahnlab.com/ko/39648/

- 새롭게 등장한 트롤스토어, iOS의 보안성 심각하게 위협해

https://www.boannews.com/media/view.asp?idx=110464&kind=1&sub_kind=

- 전 우버 CISO, 2016년 데이터 유출 사고 덮으려다 유죄 판결 받아

https://www.boannews.com/media/view.asp?idx=110463&kind=1&sub_kind=

- 인기 높은 유튜브 채널에서 악성 토르 브라우저 설치파일 유포돼

https://www.boannews.com/media/view.asp?idx=110434&kind=1&sub_kind=

- Netwalker ransomware affiliate sentenced to 20 years in prison

https://www.bleepingcomputer.com/news/security/netwalker-ransomware-affiliate-sentenced-to-20-years-in-prison/

- Hackers are breaching scam sites to hijack crypto transactions

https://www.bleepingcomputer.com/news/security/hackers-are-breaching-scam-sites-to-hijack-crypto-transactions/

- Russian Hacker Arrested in India for Reportedly Helping Students Cheat in JEE-Main Exam

https://thehackernews.com/2022/10/russian-hacker-arrested-in-india-for.html

- Researchers Link Cheerscrypt Linux-Based Ransomware to Chinese Hackers

https://thehackernews.com/2022/10/researchers-link-cheerscrypt-linux.html

- 블랙바이트 랜섬웨어, 정상적인 드라이버 침해해 보안 기능 무력화

https://www.boannews.com/media/view.asp?idx=110467&kind=1&sub_kind=

https://www.bleepingcomputer.com/news/security/blackbyte-ransomware-abuses-legit-driver-to-disable-security-products/

- Hackers Exploiting Dell Driver Vulnerability to Deploy Rootkit on Targeted Computers

https://thehackernews.com/2022/10/hackers-exploiting-dell-driver.html

- Hackers Steal $21 Million by Exploiting a Flaw in Transit Swap

https://www.cryptonewsz.com/hackers-steal-21-million-usd-by-exploiting-a-flaw-in-transit-swap/

- Ex-NSA Employee Arrested for Trying to Sell U.S. Secrets to a Foreign Government

https://thehackernews.com/2022/10/ex-nsa-employee-arrested-for-trying-to.html

- BlackCat ransomware gang claims to have hacked US defense contractor NJVC (정보기술 관련 방산기업)

https://securityaffairs.co/wordpress/136537/cyber-crime/njvc-data-breach.html